Adobe Patches

Published: 2012-11-08
Last Updated: 2012-11-08 22:13:31 UTC
by Daniel Wesemann (Version: 1)
0 comment(s)

Rumor has it that there is an Adobe Reader (PDF) zero-day. Google "Group IB zero day", and you'll find all the news outlets quoting each other. We don't have a sample PDF yet. If you have one, please share. Needless to say, a PDF exploit is serious, and if it is indeed embedded in the Blacole exploit kit, it is even more serious. Not that the bad guys need PDF though .. it looks to me like 70% of the Internet is still vulnerable to CVE-2012-4681 (Java JRE) anyway, which has been in Blacole since late August.

Not a rumor: Flash Player has a couple of serious vulnerabilities, and Adobe has the patches: https://www.adobe.com/support/security/bulletins/apsb12-24.html

Not that this is news, really. Adobe browser plugin products NOT having serious vulnerabilities for a change .. now THAT would be news.
 

 

ISC StormCast for Thursday, November 8th 2012 http://isc.sans.edu/podcastdetail.html?id=2926

Get a 40% discount on your hotel room!

Published: 2012-11-08
Last Updated: 2012-11-08 00:31:45 UTC
by Daniel Wesemann (Version: 1)
1 comment(s)

Here's a novel (to me) phishing approach. Cal, one of our readers, was staying at a hotel in Arizona on business, and he got a call to his room from the (alleged) front desk. They said that their computer had gone down, and that they needed to re-verify his billing information.

Cute, isn't it?

Being a security geek, Cal didn't fall for it. He said that he was currently talking on his mobile phone with his wife, and asked whether he could call back. Not surprisingly, the "front desk" seemed a tad reluctant to provide a number. Stalemate. That's when the phish caller came up with a very customer-service-oriented approach: "We really regret this trouble, and we will gladly offer you 40% off your room rate for the inconvenience."

But no dice: Not even the prospect of a "rebate" was sufficient to convince Cal to hand out his personal data and credit card information to an unknown caller. He hung up, walked down to the front desk, and upon asking, the lady at the front desk put her head down and said "You too? They've been calling 201, 203, 204, 210, and now you?"

Given the right circumstances and timing, I'd say quite a few hotel guests would fall for this. Make sure you are not one of them!
 
